Joseph,

    Thanks for the response. Since all of the perl documentation referred to the "ports" accept  used, I didn't understand that these were "virtual" and not something our firewall is going to block. I am not currently a member of the devel list, but this too looks like something I will need to rectify.

 

-Ben

-----Original Message-----

This is an ideal question for the PLUG-Devel list, I'll answer here for convenience, however.

Ben,
    I may be missing something here, as I am not a Perl expert, but usually, when the accept function is called for a TCP socket, the accepted socket continues to communicate on the same port (in your example, on port 4567).  There can only be one connection listener on a given port, but there can be multiple active "conversation" sockets (up to 65535, represented in your code by SOMAXCONN) on that same port.  TCP handles the multiplexing of the individual sockets using a unique socket identifier sent in the packet structure, and the TCP stack in most systems (including Linux and the BSD's) maintains the server state required to route the data to the various threads handling those sockets as data streams.  Unless Perl is doing something I'm completely unaware of, the only port you need to worry about in your firewall would be 4567 using the code listed below (minus the client port part).

That said, It looks like, in the code snippet below, you're trying to initiate an additional socket back to the client using a client port value, is this deliberate?  If so, then you just need to do a quick check of the client port, and send an error on the initial socket indicating an acceptable port range.  The client software would then need to handle that error by selecting a port within the acceptable range.

==Joseph++